ERPScan, the ERP security specialist firm which originally discovered the misconfiguration flaw (research pdf here), said that Onapsis’s figures on exposure to the vulnerability are optimistic by more than an order of magnitude.

Alexander Polyakov, CTO at ERPScan, told El Reg that its research suggests as many as 533 organisations are at risk.

“Onapsis said that 36 organizations were actually breached,” Polyakov told El Reg. “Our assumption is that all of them were just examples of vulnerable systems which white-hats publish on their forum.”

“Onapsis’ assumption that those publications on Chinese forum are examples of cyberattacks is wrong. I agree with them is that there are many vulnerably systems (533 at least) and some people probably hacked them for real profit. Not just published a screenshot of potential deface but really performed [a} cyberattack.”

Source: 36 firms at risk from that unpatched 2010 SAP vuln? Try 500+

Millions of people around the world now use ATMs every day to withdraw cash, pay in to their account or make a variety of payments. Unfortunately, ATM manufacturers and their primary customers – banks – don’t pay much attention to the security of cash machines.

Source: Malware and non-malware ways for ATM jackpotting. Extended cut – Securelist

Cisco’s Talos security intelligence and research group has come across a piece of software that installed backdoors on 12 million computers around the world.The software, which exhibits adware and spyware capabilities, was developed by a French online advertising company called Tuto4PC. The firm, previously known as Eorezo Group and apparently linked to another company called Wizzlabs, has been targeted by French authorities over its questionable practices regarding the installation of unwanted software and harvesting of users’ personal details.
[…]
Researchers determined that the application, installed with administrator rights, was capable not only of downloading and installing other software, such as a known scareware called System Healer, but also of harvesting personal information. Furthermore, experts found that the software is designed to detect the presence of sandboxes, antiviruses, security tools, forensic software and remote access doors.

These “features” have led Cisco Talos to classify the Tuto4PC software as a “full backdoor capable of a multitude of undesirable functions on the victim machine.”

Source: Cisco Finds Backdoor Installed on 12 Million PCs | SecurityWeek.Com

A severe vulnerability in the way Microsoft Office 365 handles federated identities via SAML put an attacker in a position to have access to any account and data, including emails and files stored in the cloud-based service. Microsoft pushed through a mitigation to the service on Jan. 5, seven hours after being notified by researchers Yiannis Kakavas and Klemen Bratec. “The attack surface was quite big (Outlook Online, OneDrive, Skype for Business, OneNote — depending on what the company has paid for in terms of licensing),” Kakavas and Bratec told Threatpost via email. “And a malicious user exploiting this vulnerability could have gained access to very sensitive private and company information (emails, internal documents etc. ).” Office 365 users who had configured domains as federated were affected. The list includes British Airways, Microsoft, Vodafone, Verizon and many others, as mentioned in a report published late Wednesday.

Source: Office 365 Flaw Allowed Anyone To Log In To Almost Any Business Account – Slashdot

Oops, don’t you love the cloud? 🙂